Be the first to receive the Cloud Threats Memo directly in your inbox by subscribing here.
The weaponization of digital trust involves exploiting an application or tool we use in our daily digital life to perform our business or personal tasks for malicious purposes. It is a technique increasingly used by the threat actors to carry out malicious actions such as the delivery of malware or links to phishing pages.
Cloud applications are among the tools that we use in our digital life the most, and consequently they have become a launchpad for opportunistic and targeted cyber criminal campaigns: the attackers exploit the popularity of the app, the fact that these apps are trusted by humans and legacy security technologies (i.e. they are whitelisted), and as an additional bonus they also offer a simplified, resilient, and always available hosting infrastructure, compared to a traditional hosting infrastructure.
So it is no coincidence that some of the most popular cloud apps are also the most exploited by the attackers. In particular, among the top abused apps, GitHub seems to be on a roll, and a recent campaign unearthed by security researchers at VulnCheck in early May confirmed this trend. In fact the researchers stumbled upon a malicious GitHub repository that claimed to be a Signal zero-day. Despite t